Closed zachmullen closed 3 years ago
Can you explain a bit more about the checksum forging?
I'd also like you to expand the comment that says that you lock the row to say why you are locking the row; I put a single-line review at the relevant spot.
This now computes SHA-512 on files after their blob is set, i.e. at the closure of the upload flow. This PR attempts to provide at-most-once semantics for setting a blob on a file. Computing the checksum is an idempotent task, but it's important for security reasons that a blob is not able to be set more than once, otherwise it would be possible to forge a checksum via a race condition on the celery tasks. With that in mind, reviewers should convince themselves that the use of select_for_update sufficiently enforces this policy.
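An added illustration of the at-most-once policy described in the PR description above (not code from this PR or the project): a pure-Python simulation in which a per-row `threading.Lock` stands in for the row lock that `select_for_update` takes. `FileRow`, `set_blob`, `checksum_task` and `race` are hypothetical names, and the blobs are constructed sample data.

```python
import hashlib
import threading

class FileRow:
    """Constructed stand-in for one database row describing an uploaded file."""
    def __init__(self):
        self.blob = None      # set at the closure of the upload flow
        self.sha512 = None    # filled in afterwards by the checksum task
        self.lock = threading.Lock()  # assumption: models the SELECT ... FOR UPDATE row lock

def set_blob(row, blob, locked, barrier=None):
    """Check-then-set on row.blob. Returns True if this caller stored its blob."""
    if locked:
        with row.lock:  # the check and the write happen while the row is locked
            if row.blob is not None:
                return False
            row.blob = blob
            return True
    if row.blob is not None:
        return False
    barrier.wait()  # force the bad interleaving: both callers pass the check first
    row.blob = blob
    return True

def checksum_task(row):
    """Idempotent: recomputing SHA-512 over the same blob gives the same digest."""
    row.sha512 = hashlib.sha512(row.blob).hexdigest()

def race(locked):
    """Run two concurrent blob setters on one row; return (successful sets, row)."""
    row = FileRow()
    barrier = None if locked else threading.Barrier(2)
    results = []
    def worker(blob):
        results.append(set_blob(row, blob, locked, barrier))
    threads = [threading.Thread(target=worker, args=(b,))
               for b in (b"original upload", b"replacement upload")]  # constructed blobs
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    checksum_task(row)
    return sum(results), row

if __name__ == "__main__":
    print("successful sets without the lock:", race(locked=False)[0])
    print("successful sets with the lock:   ", race(locked=True)[0])
```

In a real database the row lock is held only until the transaction ends, so the "is a blob already set?" check and the write have to sit in the same transaction as the locked select.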